package org.mii.safeguard_v1.util;

import javax.servlet.ServletContext;

import org.springframework.beans.factory.FactoryBean;
import org.springframework.context.ApplicationContext;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.intercept.web.FilterInvocationDefinitionSource;
import org.springframework.security.intercept.web.FilterSecurityInterceptor;
import org.springframework.web.context.support.WebApplicationContextUtils;
import org.springside.modules.security.springsecurity.SpringSecurityUtils;

public class SafeguardSecurityUtils extends SpringSecurityUtils {

	public static GrantedAuthority[] getCurrentUserAuthorities() {
		return SecurityContextHolder.getContext().getAuthentication()
				.getAuthorities();
	}

	/**
	 * 刷新内存中的资源，当添加资源后，调用该方法可使资源立即生效哦
	 * 
	 * @param sc 类型javax.servlet.ServletContext 可以通过session获取
	 * @throws Exception
	 */
	public static void updateResource(ServletContext sc) throws Exception{

		ApplicationContext ctx = WebApplicationContextUtils
				.getWebApplicationContext(sc);

		FactoryBean factoryBean = (FactoryBean) ctx
				.getBean("&databaseDefinitionSource");
		FilterInvocationDefinitionSource fids = (FilterInvocationDefinitionSource) factoryBean
				.getObject();
		FilterSecurityInterceptor filter = (FilterSecurityInterceptor) ctx
				.getBean("filterSecurityInterceptor");
		filter.setObjectDefinitionSource(fids);

	}
}
